On Mon, Jul 14, 2008 at 09:50:25AM +0200, Hermann Himmelbauer wrote:
(..) 1) No way to pass PAU-related information to form-code: In PAU, the (..)
As I am using PAU within Plone and PlonePAS to handle the credential extraction and form stuff, I can't say anything about PAU's capabilities of doing that. However, I wrote it down and will eventually look into it.
2) Lack of documentation: The entities "Principal, InternalPrincipal, PrincipalInfo" are very confusing to a newbie, I still don't get the "big picture".
InternalPrincipal is a persistent object used to store the data of principals in a PrincipalFolder, PrincipalInfo is returned upon successful authentication and handed to FoundPrincipalFactory, which extracts some information and returns Principal objects.
3) Lack of plugins: No plugin for URL-rewriting, e.g. cookie-less browsers (retrieving auth-information from URL) etc.
I don't know about URL-rewriting, but you should be easily able to write your own credentials plugin to extract whatever you like from a request object.
I personally needed to write an authentication plugin for a SQLAlchemy based RDB, and was confused a lot of how/why to create Principal / PrincipalInfo objects: Should I create my own Principal/PrincipalInfo objects in order to stuff information into them that my application needs?
Most probably that could work.
How exactly should I cache user data so that a single browser request does not lead to multiple RDB queries? And where in the big picture is the "User" entity? (It's probably the InternalPrincipal object, I assume)...
You don't need InternalPrincipal objects, they are specific to PrincipalFolder, IMHO. I think you need:
- custom authenticator plugin, that authenticates against RDB and has a dictionary as cache: key = login, value = password;
- custom foundprincipalfactory, that generates Principal objects from RDB data, again using a simple key=login,value=Principal dictionary as cache;
- eventually a custom credentials plugin, that for your point 3.
(..) So I would very, very much suggest to dig into PAU first and fix those shortcomings before porting it to Plone/Zope2.
Exactly what I am doing :) Thank you very much for your feedback.

florian
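
As an added example that is not part of the original message or of PAU's own code: a plain-Python sketch of the custom authenticator plugin suggested above, with the two methods PAU's IAuthenticatorPlugin expects. The `fetch_user` callable, the row keys and the `rdb.` prefix are assumptions, and the cache here holds the stored salt and hash rather than the password itself.

```python
import hashlib
import hmac


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class PrincipalInfo:  # minimal stand-in for PAU's IPrincipalInfo
    def __init__(self, id, title, description=""):
        self.id, self.title, self.description = id, title, description


class CachingRDBAuthenticator:
    """Shaped like IAuthenticatorPlugin: authenticateCredentials + principalInfo."""

    def __init__(self, fetch_user, prefix="rdb."):
        self._fetch_user = fetch_user  # hypothetical: login -> row dict or None
        self._prefix = prefix
        self._cache = {}               # login -> row (salt + hash, never plaintext)
        self.queries = 0               # counts backend lookups, for illustration

    def _row(self, login):
        row = self._cache.get(login)
        if row is None:
            self.queries += 1
            row = self._fetch_user(login)
            if row is not None:        # misses are not cached
                self._cache[login] = row
        return row

    def authenticateCredentials(self, credentials):
        if not isinstance(credentials, dict):
            return None
        login, password = credentials.get("login"), credentials.get("password")
        row = self._row(login) if login and password is not None else None
        if row is None:
            return None
        candidate = hash_password(password, row["salt"])
        if not hmac.compare_digest(candidate, row["pw_hash"]):
            return None
        return PrincipalInfo(self._prefix + login, row["title"])

    def principalInfo(self, id):
        row = self._row(id[len(self._prefix):]) if id.startswith(self._prefix) else None
        return PrincipalInfo(id, row["title"]) if row else None

    def invalidate(self):
        self._cache.clear()


_SALT = b"constructed-salt"  # constructed sample data standing in for the RDB
_USERS = {"hermann": {"salt": _SALT, "pw_hash": hash_password("s3cret", _SALT), "title": "Hermann"}}
plugin = CachingRDBAuthenticator(_USERS.get)
```

Call `invalidate()` at the end of each request or whenever a password changes; until the cache is cleared, the plugin keeps accepting the previously cached hash.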